libfreetype CVE FYI

Ken Brown
Wed Oct 21 21:20:24 GMT 2020

On 10/21/2020 1:03 PM, Achim Gratz wrote:
> Ken Brown via Cygwin-apps writes:
>> Thanks, Brian.  I'll update it.
> Did you intend to release this security / minor version update as a test
> release?  It would seem more prudent to just update the package or do
> you expect problems?

I did that because Fedora is still on 2.10.2, and I generally try to avoid 
getting ahead of Fedora on package releases.  That's because (a) the Fedora 
maintainers are more knowledgeable than I am about many of the packages that I 
maintain, and (b) the update will get much more testing once Fedora releases it.

That said, I agree that a security update should get high priority.  So I'll 
wait a few more days for Fedora, and then I'll go ahead and promote the test 
release to "current", regardless of what Fedora does.


More information about the Cygwin-apps mailing list